US10061638B2 - Isolating faulty components in a clustered storage system with random redistribution of errors in data - Google Patents
Isolating faulty components in a clustered storage system with random redistribution of errors in dataDownload PDFInfo
- Publication number
- US10061638B2 US10061638B2US15/083,528US201615083528AUS10061638B2US 10061638 B2US10061638 B2US 10061638B2US 201615083528 AUS201615083528 AUS 201615083528AUS 10061638 B2US10061638 B2US 10061638B2
- Authority
- US
- United States
- Prior art keywords
- given
- storage system
- modules
- failure
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active, expires
Links
Images
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0793—Remedial or corrective actions
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0706—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
- G06F11/0727—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment in a storage system, e.g. in a DASD or network based storage system
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0751—Error or fault detection not based on redundancy
- G06F11/0754—Error or fault detection not based on redundancy by exceeding limits
- G06F11/076—Error or fault detection not based on redundancy by exceeding limits by exceeding a count or rate limit, e.g. word- or bit count limit
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/16—Error detection or correction of the data by redundancy in hardware
- G06F11/20—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
- G06F11/2053—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where persistent mass storage functionality or persistent mass storage control functionality is redundant
- G06F11/2094—Redundant storage or storage space
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/3003—Monitoring arrangements specially adapted to the computing system or computing system component being monitored
- G06F11/3034—Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a storage system, e.g. DASD based or network based
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/079—Root cause analysis, i.e. error or fault diagnosis
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/81—Threshold
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11C—STATIC STORES
- G11C29/00—Checking stores for correct operation ; Subsequent repair; Testing stores during standby or offline operation
- G11C29/04—Detection or location of defective memory elements, e.g. cell constructio details, timing of test signals
- G11C2029/0409—Online test
Definitions
- the present inventionrelates generally to storage systems, and specifically to isolating faulty components in a clustered storage system with random redistribution of errors in user data.
- Clustered storageis the use of two or more storage servers working together to increase performance, capacity, or reliability. Clustering distributes workloads to each server, manages the transfer of workloads between servers, and provides access to all files from any server regardless of the physical location of the file.
- clustered storage systemsinclude tightly coupled clusters and loosely coupled clusters.
- a tightly coupled clusterhas a proprietary physical backplane into which controller nodes connect. While this backplane fixes the maximum size of the cluster, it delivers a high-performance interconnect between servers for load-balanced performance and maximum scalability as the cluster grows. Additional array controllers, input/output (I/O) ports, and capacity can connect into the cluster as demand dictates.
- I/Oinput/output
- a loosely coupled clusteroffers cost-effective building blocks that can start small and grow as applications demand.
- a loose clusteroffers performance, I/O, and storage capacity within the same node. As a result, performance scales with capacity and vice versa.
- a methodincluding configuring, at a first time, a storage system including multiple modules to store and process storage requests for respective sets of data objects, identifying, while processing the storage requests, respective subsets of the data objects having one or more data errors, identifying, at a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error, computing, based on the identified modules, a frequency distribution of the identified data errors in the data objects over the multiple modules, identifying, based on the frequency distribution, a failure in a given module, and removing the identified module from the storage system.
- a storage systemincluding multiple modules configured at a first time to store and process storage requests for respective sets of data objects, each of the modules configured to identify, while processing the storage requests, respective subsets of the data objects having one or more data errors, to identify, at a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error, to compute, based on the identified modules, a frequency distribution of the identified data errors in the data objects over the multiple modules, to identify, based on the frequency distribution, a failure in a given module, and to remove the identified module from the storage system.
- a computer program productincluding a non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code including computer readable program code configured to arrange, at a first time, a storage system including multiple modules to store and process storage requests for respective sets of data objects, computer readable program code configured to identify, while processing the storage requests, respective subsets of the data objects having one or more data errors, computer readable program code configured to identify, at a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error, computer readable program code configured to compute, based on the identified modules, a frequency distribution of the identified data errors in the data objects over the multiple modules, computer readable program code configured to identify, based on the frequency distribution, a failure in a given module, and computer readable program code configured to remove the identified module from the storage system.
- FIG. 1is a block diagram that schematically illustrates a storage system comprising a clustered storage controller having multiple modules, in accordance with an embodiment of the present invention
- FIG. 2is a block diagram that schematically illustrates software and hardware components that enable the clustered storage controller to detect and isolate a faulty given module, in accordance with an embodiment of the present invention.
- FIG. 3is a flow diagram that schematically illustrates a method of detecting and isolating the given module, in accordance with an embodiment of the preset invention.
- Hardware and/or software malfunctions in a storage systemmay result in faulty data (i.e., errors in the data) being written to a storage device, and the faulty data may only first be detected upon subsequently processing a read operation on the data.
- faulty datai.e., errors in the data
- This problemcan be exacerbated in a clustered storage system comprising multiple modules, where data objects including faulty data (specifically data with undetected errors) may occasionally be redistributed across the modules.
- Embodiments of the present inventionprovide methods and systems for identifying and isolating faulty modules in a clustered storage system that may occasionally perform data object redistribution.
- a storage systemcomprising multiple modules is configured to store and process storage requests for respective sets of data objects, and while processing the storage requests, respective subsets of the data objects having one or more data errors are identified.
- the storage systemserves and processes storage requests, it identifies errors in the data objects, and collects the associates the identified errors with the data objects.
- respective modules storing each of the data objects having at least one data errorare identified (i.e., the modules storing the data objects are identified at the second time in case the data objects were redistributed in the storage system).
- a frequency distribution of the identified errors in the data objects over all the modules in the storage systemis computed, and a failure in a given module is identified based on the frequency distribution. The frequency distribution is such that it is not sensitive to the redistribution of data objects.
- the given modulecan be isolated by removing it from the clustered storage system.
- the frequency distributionmay indicate a system-wide fault in the storage system. For example, there may be a bug in software executing in all the modules of the storage system. In this case, upon identifying the system-wide fault, the entire storage system can be deactivated and taken off-line.
- FIG. 1is a block diagram that schematically illustrates a data processing storage subsystem 20 , in accordance with an embodiment of the invention.
- the particular subsystem (also referred to herein as a storage system) shown in FIG. 1is presented to facilitate an explanation of the invention.
- the inventioncan be practiced using other computing environments, such as other storage subsystems with diverse architectures and capabilities.
- Storage subsystem 20receives, from one or more host computers 22 , input/output (I/O) requests, which are commands to read or write data at logical addresses on logical volumes.
- I/Oinput/output
- Any number of host computers 22are coupled to storage subsystem 20 by any means known in the art, for example, using a network.
- host computers 22 and storage subsystem 20are assumed to be coupled by a Storage Area Network (SAN) 26 incorporating data connections 24 and Host Bus Adapters (HBAs) 28 .
- the logical addressesspecify a range of data blocks within a logical volume, each block herein being assumed by way of example to contain 512 bytes.
- Storage subsystem 20may operate in, or as, a SAN system.
- Storage subsystem 20comprises a clustered storage controller 34 coupled between SAN 26 and a private network 46 using data connections 30 and 44 , respectively, and incorporating adapters 32 and 42 , again respectively.
- adapters 32 and 42may comprise host bus adapters (HBAs).
- Clustered storage controller 34implements clusters of storage modules 36 , each of which includes a processor 52 , an interface 40 (in communication between adapters 32 and 42 ), and a cache 38 .
- Each storage module 36is responsible for a number of storage devices 50 by way of a data connection 48 as shown.
- each storage module 36further comprises a given cache 38 .
- the number of caches 38 used in storage subsystem 20 and in conjunction with clustered storage controller 34may be any convenient number. While all caches 38 in storage subsystem 20 may operate in substantially the same manner and comprise substantially similar elements, this is not a requirement.
- Each of the caches 38may be approximately equal in size and is assumed to be coupled, by way of example, in a one-to-one correspondence with a set of physical storage devices 50 , which may comprise disks. In one embodiment, physical storage devices may comprise such disks. Those skilled in the art will be able to adapt the description herein to caches of different sizes.
- Each set of storage devices 50comprises multiple slow and/or fast access time mass storage devices, herein below assumed to be multiple hard disks.
- FIG. 1shows caches 38 coupled to respective sets of storage devices 50 .
- the sets of storage devices 50comprise one or more hard disks, or solid state drives (SSDs) which can have different performance characteristics.
- SSDssolid state drives
- a given cache 38may read or write data at addressable physical locations of a given storage device 50 .
- caches 38are able to exercise certain control functions over storage devices 50 . These control functions may alternatively be realized by hardware devices such as disk controllers (not shown), which are linked to caches 38 .
- Each storage module 36is operative to monitor its state, including the states of associated caches 38 , and to transmit configuration information to other components of storage subsystem 20 for example, configuration changes that result in blocking intervals, or limit the rate at which I/O requests for the sets of physical storage are accepted.
- HBAs 28may be coupled to storage modules 36 by at least one switch (not shown) of SAN 26 , which can be of any known type having a digital cross-connect function. Additionally or alternatively, HBAs 28 may be coupled to storage modules 36 .
- data having contiguous logical addressescan be distributed across modules 36 , and within the storage devices in each of the modules.
- the datacan be distributed using other algorithms, e.g., byte or block interleaving. In general, this increases bandwidth, for instance, by allowing a volume in a SAN or a file in network attached storage to be read from or written to more than one given storage device 50 at a time.
- this techniquerequires coordination among the various storage devices, and in practice may require complex provisions for any failure of the storage devices, and a strategy for dealing with error checking information, e.g., a technique for storing parity information relating to distributed data. Indeed, when logical unit partitions are distributed in sufficiently small granularity, data associated with a single logical unit may span all of the storage devices 50 .
- clustered storage controller 34may be adapted for implementation in conjunction with certain hardware, such as a rack mount system, a midplane, and/or a backplane. Indeed, private network 46 in one embodiment may be implemented using a backplane. Additional hardware such as the aforementioned switches, processors, controllers, memory devices, and the like may also be incorporated into clustered storage controller 34 and elsewhere within storage subsystem 20 , again as the skilled artisan will appreciate. Further, a variety of software components, operating systems, firmware, and the like may be integrated into one storage subsystem 20 .
- Storage devices 50may comprise a combination of high capacity hard disk drives and solid state disk drives.
- each of storage devices 50may comprise a logical storage device.
- the logical storage devicesmay be referred to as logical units, or LUNs. While each LUN can be addressed as a single logical unit, the LUN may comprise a combination of high capacity hard disk drives and/or solid state disk drives.
- SCSISmall Computer System Interface
- FIG. 1shows storage controller 34 comprising four modules 36 and each of the modules coupled to four storage devices 50
- a given storage controllercomprising any multiple of modules 36 coupled to any plurality of storage devices 50 is considered to be with the spirit and scope of the present invention.
- FIG. 2is a block diagram that schematically illustrates clustered storage controller 34 configured to detect and isolate a given module 36 , in accordance with an embodiment of the present invention.
- clustered storage controller 34can be configured to detect and isolate a given component (e.g., a given storage device 50 ) in a given module 36 .
- clustered storage controller 34implements object storage.
- Object storageis a storage architecture that manages data as objects, as opposed to other storage architectures like file systems which manage data as a file hierarchy and block storage which manages data as blocks within sectors and tracks.
- Each objecttypically includes the data itself, a variable amount of metadata, and a globally unique identifier.
- Object storagecan be implemented at multiple levels, including the device level (object storage device), the system level, and the interface level. In each case, object storage seeks to enable capabilities not addressed by other storage architectures, like interfaces that can be directly programmable by the application, a namespace that can span multiple instances of physical hardware, and data management functions like data replication and data distribution at object-level granularity.
- clustered storage controller 34stores and manages data 60 in data objects 62 that are distributed across storage devices 50 .
- each data object 62comprises a data object identifier 64 , metadata 66 that describes the data object, an error check 68 and an error flag 70 .
- Each error check 68comprises a mathematical calculation (e.g., a parity calculation, a checksum or a cyclic redundancy check) that storage controller 34 can use to determine the integrity of data 60 .
- a given processor 52can set the error flag for a given data object 62 upon determining, using error check 68 , that the data for the given data object is not valid.
- each module 36comprises a memory 72 that stores cache 38 , interface 40 , an error table 74 , and an error counter 76 .
- the given processorupon a given processor 52 in a given module 36 detecting a given object 62 in the given module that whose data is no valid (i.e., the data contains errors), the given processor can add an entry 78 for the given module to error table 74 .
- the given processorupon receiving a request to access the data in the given data object, can return an error code upon identifying the entry indicating the given data object.
- each entry 78comprises a bad data object identifier 80 (that indicates a given data object 62 having non valid data 60 ).
- Each entry 78may also comprise a component identifier 82 .
- a failure causing data corruptionmay be limited to a single component (e.g., a given storage device 50 ) in a given module.
- component identifier 82to identify the bad component can enable clustered storage controller 34 to isolate the given component as opposed to isolating a given module 36 comprising the given component.
- Processors 52comprise general-purpose central processing units (CPU) or special-purpose embedded processors, which are programmed in software or firmware to carry out the functions described herein.
- the softwaremay be downloaded to modules 36 in electronic form, over a network, for example, or it may be provided on non-transitory tangible media, such as optical, magnetic or electronic memory media.
- some or all of the functions of processors 52be carried out by dedicated or programmable digital hardware components, or using a combination of hardware and software elements.
- the present inventionmay be a system, a method, and/or a computer program product.
- the computer program productmay include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.
- the computer readable storage mediumcan be a tangible device that can retain and store instructions for use by an instruction execution device.
- the computer readable storage mediummay be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.
- a non-exhaustive list of more specific examples of the computer readable storage mediumincludes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disc read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing.
- RAMrandom access memory
- ROMread-only memory
- EPROM or Flash memoryerasable programmable read-only memory
- SRAMstatic random access memory
- CD-ROMcompact disc read-only memory
- DVDdigital versatile disk
- memory sticka floppy disk
- a mechanically encoded devicesuch as punch-cards or raised structures in a groove having instructions recorded thereon
- a computer readable storage mediumis not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
- Computer readable program instructions described hereincan be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network.
- the networkmay comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers.
- a network adapter card or network interface in each computing/processing devicereceives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.
- Computer readable program instructions for carrying out operations of the present inventionmay be assembler instructions, instruction-set-architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, or either source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++ or the like, and conventional procedural programming languages, such as the “C” programming language or similar programming languages.
- the computer readable program instructionsmay execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server.
- the remote computermay be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
- electronic circuitryincluding, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instructions by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
- These computer readable program instructionsmay be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
- These computer readable program instructionsmay also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.
- the computer readable program instructionsmay also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
- FIG. 3is a flow diagram that schematically illustrates a method of isolating a given faulty module 36 , in accordance with an embodiment of the preset invention.
- the method described in the flow diagramcan be used to isolate a given faulty component (e.g., a given storage device 50 ) in a given module 36 .
- clustered storage controller 34is configured (e.g., via a given host computer 22 ) to store and manage data objects 62 . While embodiments described herein comprise storage controller 34 detecting errors while storing and managing data objects 62 , detecting errors and isolating a given module 36 (or a given component in the modules) while storing any type of data 60 is considered to be within the spirit and scope of the present invention.
- processors 52initialize respective error counters 76 , and in a processing step 94 , a given processor 52 in a given module 36 receives and processes a storage request (e.g., an I/O request) for a given data object 62 stored in the given module.
- a storage requeste.g., an I/O request
- the given processordetects an error in the data processed by the storage request (i.e., via error check 68 )
- the given processorflags the given data object in a flag step 98 .
- the erroris typically due to a hardware failure or a software failure (e.g., a bug).
- the given processorflags the given object by setting error flag 70 in the given object to a value that indicates the data error, thereby enabling processors 52 to accumulate an error count for each of the data objects.
- the given processoridentifies a given component (e.g., a given storage device 50 in a given module 36 ) that is causing the error, and in an increment step 102 , the given processor increments error counter 76 in the given module.
- memory 72may store additional error counters 76 for components (e.g., storage devices 50 ) in each of the modules.
- the given processorcan increment the appropriate error counter if the given processor can identify a given component in the given module that is causing the data errors.
- a second comparison step 104if clustered storage controller 34 generates a data object redistribution request, then in a redistribution step 106 , processors 52 redistribute data objects 62 across storage devices 50 in modules 36 , and redistributes error counters 76 accordingly.
- clustered storage controller 34Upon redistributing a given data object 62 from a first given module 36 to a second given module 36 , clustered storage controller 34 reconfigures the second given module to process storage requests for the given data object.
- a third comparison step 108if clustered storage controller 34 or a given host computer 22 generates an analysis request, then in an isolation step 110 , the given processor conveys a message to clustered storage controller 34 to isolate (i.e., remove from operation) the given module (or the identified component), and the method continues with step 94 .
- error counters 76can be reset upon isolating any given module or component from clustered storage controller 34 .
- error counters 76may be reset, or periodically reduced in order to introduce a time window for which the divergence statistical measure is evaluated. In further embodiments error counters 76 may be reduced if the detected errors are infrequent enough to be considered within a specified (or calculated) “normal” range.
- a given processor 52 in clustered storage controller 34can analyze a frequency distribution of error counters 76 for each module 36 to determine if any of the modules need to be isolated and removed (i.e., deactivated) from storage controller 34 .
- E xcomprises error counter 76 for the given module
- Fcomprises a user-specified factor
- AvgErrs(n ⁇ x)comprises an average of the error counters for all the remaining (i.e., excluding the given module) modules 36 in the clustered storage controller.
- clustered storage controller 34can deactivate a given module 36 upon calculating the logical equation presented supra as “true”. For example, if factor F is five, then clustered storage controller 34 will isolate a given module 36 if the number of error detected for the given module is greater than or equal to five times the average of the detected errors in the remaining modules.
- clustered storage controller 34can isolate a given module 36 (or a given component in the module) if a divergence of error count 76 of the given module (or component) is above a specified threshold (e.g., if a given error count 76 is greater than a specified factor times an average of the error counts, or if the given error count is the factor times sigma from the average of the error counts). In additional embodiments, if an average (or a sum of the) number of error counts 76 across all the modules is above a specified threshold, then clustered storage controller 34 can deactivate itself by taking the clustered storage controller offline.
- a specified thresholde.g., if a given error count 76 is greater than a specified factor times an average of the error counts, or if the given error count is the factor times sigma from the average of the error counts.
- step 108if clustered storage controller 34 or a given host computer 22 do not generate an analysis request, then the method continues with step 94 .
- step 104if clustered storage controller 34 does not generate a data object redistribution request, then the method continues with step 108 .
- step 96if the given processor does not detect an error in the given data object, then the method continues with step 104
- a given host computer 22can be programmed to perform the analysis and isolation.
- error counts 76can be presented to a system administrator on a display (not shown) coupled to either a given module 36 or a given host computer 22 , and the isolation can be performed in response to an input (e.g., via a keyboard) from the system administrator.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Quality & Reliability (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Debugging And Monitoring (AREA)
Abstract
Description
The present invention relates generally to storage systems, and specifically to isolating faulty components in a clustered storage system with random redistribution of errors in user data.
Clustered storage is the use of two or more storage servers working together to increase performance, capacity, or reliability. Clustering distributes workloads to each server, manages the transfer of workloads between servers, and provides access to all files from any server regardless of the physical location of the file.
Examples of clustered storage systems include tightly coupled clusters and loosely coupled clusters. A tightly coupled cluster has a proprietary physical backplane into which controller nodes connect. While this backplane fixes the maximum size of the cluster, it delivers a high-performance interconnect between servers for load-balanced performance and maximum scalability as the cluster grows. Additional array controllers, input/output (I/O) ports, and capacity can connect into the cluster as demand dictates.
A loosely coupled cluster offers cost-effective building blocks that can start small and grow as applications demand. A loose cluster offers performance, I/O, and storage capacity within the same node. As a result, performance scales with capacity and vice versa.
The description above is presented as a general overview of related art in this field and should not be construed as an admission that any of the information it contains constitutes prior art against the present patent application.
There is provided, in accordance with an embodiment of the present invention a method, including configuring, at a first time, a storage system including multiple modules to store and process storage requests for respective sets of data objects, identifying, while processing the storage requests, respective subsets of the data objects having one or more data errors, identifying, at a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error, computing, based on the identified modules, a frequency distribution of the identified data errors in the data objects over the multiple modules, identifying, based on the frequency distribution, a failure in a given module, and removing the identified module from the storage system.
There is also provided, in accordance with an embodiment of the present invention a storage system, including multiple modules configured at a first time to store and process storage requests for respective sets of data objects, each of the modules configured to identify, while processing the storage requests, respective subsets of the data objects having one or more data errors, to identify, at a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error, to compute, based on the identified modules, a frequency distribution of the identified data errors in the data objects over the multiple modules, to identify, based on the frequency distribution, a failure in a given module, and to remove the identified module from the storage system.
There is further provided, in accordance with an embodiment of the present invention a computer program product, the computer program product including a non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code including computer readable program code configured to arrange, at a first time, a storage system including multiple modules to store and process storage requests for respective sets of data objects, computer readable program code configured to identify, while processing the storage requests, respective subsets of the data objects having one or more data errors, computer readable program code configured to identify, at a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error, computer readable program code configured to compute, based on the identified modules, a frequency distribution of the identified data errors in the data objects over the multiple modules, computer readable program code configured to identify, based on the frequency distribution, a failure in a given module, and computer readable program code configured to remove the identified module from the storage system.
The disclosure is herein described, by way of example only, with reference to the accompanying drawings, wherein:
Hardware and/or software malfunctions in a storage system may result in faulty data (i.e., errors in the data) being written to a storage device, and the faulty data may only first be detected upon subsequently processing a read operation on the data. When errors are detected in stored data, it is beneficial to be able to identify a faulty hardware or software component causing the error in order to take the identified component offline before more data is compromised. This problem can be exacerbated in a clustered storage system comprising multiple modules, where data objects including faulty data (specifically data with undetected errors) may occasionally be redistributed across the modules.
Embodiments of the present invention provide methods and systems for identifying and isolating faulty modules in a clustered storage system that may occasionally perform data object redistribution. As described hereinbelow, at a first time, a storage system comprising multiple modules is configured to store and process storage requests for respective sets of data objects, and while processing the storage requests, respective subsets of the data objects having one or more data errors are identified. In other words, as the storage system serves and processes storage requests, it identifies errors in the data objects, and collects the associates the identified errors with the data objects.
At a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error are identified (i.e., the modules storing the data objects are identified at the second time in case the data objects were redistributed in the storage system). A frequency distribution of the identified errors in the data objects over all the modules in the storage system is computed, and a failure in a given module is identified based on the frequency distribution. The frequency distribution is such that it is not sensitive to the redistribution of data objects. Upon identifying the failure in the given module, the given module can be isolated by removing it from the clustered storage system.
In some embodiments, the frequency distribution may indicate a system-wide fault in the storage system. For example, there may be a bug in software executing in all the modules of the storage system. In this case, upon identifying the system-wide fault, the entire storage system can be deactivated and taken off-line.
As described previously, eachstorage module 36 further comprises a givencache 38. However, it will be appreciated that the number ofcaches 38 used instorage subsystem 20 and in conjunction withclustered storage controller 34 may be any convenient number. While allcaches 38 instorage subsystem 20 may operate in substantially the same manner and comprise substantially similar elements, this is not a requirement. Each of thecaches 38 may be approximately equal in size and is assumed to be coupled, by way of example, in a one-to-one correspondence with a set ofphysical storage devices 50, which may comprise disks. In one embodiment, physical storage devices may comprise such disks. Those skilled in the art will be able to adapt the description herein to caches of different sizes.
Each set ofstorage devices 50 comprises multiple slow and/or fast access time mass storage devices, herein below assumed to be multiple hard disks.FIG. 1 showscaches 38 coupled to respective sets ofstorage devices 50. In some configurations, the sets ofstorage devices 50 comprise one or more hard disks, or solid state drives (SSDs) which can have different performance characteristics. In response to an I/O command, a givencache 38, by way of example, may read or write data at addressable physical locations of a givenstorage device 50. In the embodiment shown inFIG. 1 ,caches 38 are able to exercise certain control functions overstorage devices 50. These control functions may alternatively be realized by hardware devices such as disk controllers (not shown), which are linked tocaches 38.
Eachstorage module 36 is operative to monitor its state, including the states of associatedcaches 38, and to transmit configuration information to other components ofstorage subsystem 20 for example, configuration changes that result in blocking intervals, or limit the rate at which I/O requests for the sets of physical storage are accepted.
Routing of commands and data fromHBAs 28 to clusteredstorage controller 34 and to eachcache 38 may be performed over a network and/or a switch. Herein, by way of example,HBAs 28 may be coupled tostorage modules 36 by at least one switch (not shown) of SAN26, which can be of any known type having a digital cross-connect function. Additionally or alternatively,HBAs 28 may be coupled tostorage modules 36.
In some embodiments, data having contiguous logical addresses can be distributed acrossmodules 36, and within the storage devices in each of the modules. Alternatively, the data can be distributed using other algorithms, e.g., byte or block interleaving. In general, this increases bandwidth, for instance, by allowing a volume in a SAN or a file in network attached storage to be read from or written to more than one givenstorage device 50 at a time. However, this technique requires coordination among the various storage devices, and in practice may require complex provisions for any failure of the storage devices, and a strategy for dealing with error checking information, e.g., a technique for storing parity information relating to distributed data. Indeed, when logical unit partitions are distributed in sufficiently small granularity, data associated with a single logical unit may span all of thestorage devices 50.
While such hardware is not explicitly shown for purposes of illustrative simplicity, clusteredstorage controller 34 may be adapted for implementation in conjunction with certain hardware, such as a rack mount system, a midplane, and/or a backplane. Indeed,private network 46 in one embodiment may be implemented using a backplane. Additional hardware such as the aforementioned switches, processors, controllers, memory devices, and the like may also be incorporated into clusteredstorage controller 34 and elsewhere withinstorage subsystem 20, again as the skilled artisan will appreciate. Further, a variety of software components, operating systems, firmware, and the like may be integrated into onestorage subsystem 20.
While the configuration inFIG. 1 showsstorage controller 34 comprising fourmodules 36 and each of the modules coupled to fourstorage devices 50, a given storage controller comprising any multiple ofmodules 36 coupled to any plurality ofstorage devices 50 is considered to be with the spirit and scope of the present invention.
In the example shown inFIG. 2 , clusteredstorage controller 34 implements object storage. Object storage is a storage architecture that manages data as objects, as opposed to other storage architectures like file systems which manage data as a file hierarchy and block storage which manages data as blocks within sectors and tracks. Each object typically includes the data itself, a variable amount of metadata, and a globally unique identifier. Object storage can be implemented at multiple levels, including the device level (object storage device), the system level, and the interface level. In each case, object storage seeks to enable capabilities not addressed by other storage architectures, like interfaces that can be directly programmable by the application, a namespace that can span multiple instances of physical hardware, and data management functions like data replication and data distribution at object-level granularity.
In embodiments of the present invention, clusteredstorage controller 34 stores and manages data60 in data objects62 that are distributed acrossstorage devices 50. In addition to data60, each data object62 comprises adata object identifier 64,metadata 66 that describes the data object, anerror check 68 and anerror flag 70. Eacherror check 68 comprises a mathematical calculation (e.g., a parity calculation, a checksum or a cyclic redundancy check) thatstorage controller 34 can use to determine the integrity of data60. In embodiments described herein, a givenprocessor 52 can set the error flag for a givendata object 62 upon determining, usingerror check 68, that the data for the given data object is not valid.
In addition toprocessor 52, eachmodule 36 comprises amemory 72 that storescache 38,interface 40, an error table74, and anerror counter 76. In embodiments of the present invention, upon a givenprocessor 52 in a givenmodule 36 detecting a givenobject 62 in the given module that whose data is no valid (i.e., the data contains errors), the given processor can add anentry 78 for the given module to error table74. In some embodiments, upon receiving a request to access the data in the given data object, the given processor can return an error code upon identifying the entry indicating the given data object.
In the example shown inFIG. 2 , eachentry 78 comprises a bad data object identifier80 (that indicates a givendata object 62 having non valid data60). Eachentry 78 may also comprise acomponent identifier 82. In some embodiments, a failure causing data corruption may be limited to a single component (e.g., a given storage device50) in a given module. Usingcomponent identifier 82 to identify the bad component can enable clusteredstorage controller 34 to isolate the given component as opposed to isolating a givenmodule 36 comprising the given component.
The present invention may be a system, a method, and/or a computer program product. The computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.
The computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device. The computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. A non-exhaustive list of more specific examples of the computer readable storage medium includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disc read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing. A computer readable storage medium, as used herein, is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network. The network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. A network adapter card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.
Computer readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction-set-architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, or either source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++ or the like, and conventional procedural programming languages, such as the “C” programming language or similar programming languages. The computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider). In some embodiments, electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instructions by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
Aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer readable program instructions.
These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
Faulty Component and Module Detection and Isolation
In aconfiguration step 90, clusteredstorage controller 34 is configured (e.g., via a given host computer22) to store and manage data objects62. While embodiments described herein comprisestorage controller 34 detecting errors while storing and managing data objects62, detecting errors and isolating a given module36 (or a given component in the modules) while storing any type of data60 is considered to be within the spirit and scope of the present invention.
In aninitialization step 92,processors 52 initialize respective error counters76, and in aprocessing step 94, a givenprocessor 52 in a givenmodule 36 receives and processes a storage request (e.g., an I/O request) for a givendata object 62 stored in the given module. In afirst comparison step 96, if the given processor detects an error in the data processed by the storage request (i.e., via error check68), then the given processor flags the given data object in aflag step 98. In embodiments of the present invention, the error is typically due to a hardware failure or a software failure (e.g., a bug). In some embodiments, the given processor flags the given object by settingerror flag 70 in the given object to a value that indicates the data error, thereby enablingprocessors 52 to accumulate an error count for each of the data objects.
In anidentification step 100, the given processor identifies a given component (e.g., a givenstorage device 50 in a given module36) that is causing the error, and in anincrement step 102, the given processor increments error counter76 in the given module. In some embodiments,memory 72 may store additional error counters76 for components (e.g., storage devices50) in each of the modules. In these embodiments, if the given processor can identify a given component in the given module that is causing the data errors, then the given processor can increment the appropriate error counter.
In asecond comparison step 104, if clusteredstorage controller 34 generates a data object redistribution request, then in aredistribution step 106,processors 52 redistribute data objects62 acrossstorage devices 50 inmodules 36, and redistributes error counters76 accordingly. Upon redistributing a givendata object 62 from a first givenmodule 36 to a second givenmodule 36, clusteredstorage controller 34 reconfigures the second given module to process storage requests for the given data object.
In athird comparison step 108, if clusteredstorage controller 34 or a givenhost computer 22 generates an analysis request, then in anisolation step 110, the given processor conveys a message to clusteredstorage controller 34 to isolate (i.e., remove from operation) the given module (or the identified component), and the method continues withstep 94. If some embodiments, error counters76 can be reset upon isolating any given module or component from clusteredstorage controller 34. In additional embodiments, error counters76 may be reset, or periodically reduced in order to introduce a time window for which the divergence statistical measure is evaluated. In further embodiments error counters76 may be reduced if the detected errors are infrequent enough to be considered within a specified (or calculated) “normal” range.
While processingstep 110, a givenprocessor 52 in clusteredstorage controller 34 can analyze a frequency distribution of error counters76 for eachmodule 36 to determine if any of the modules need to be isolated and removed (i.e., deactivated) fromstorage controller 34. In some embodiments, if clusteredstorage controller 34 comprises n modules, the clustered storage controller can use the logical equation
Ex>=F*AvgErrs(n−x) (1)
in order to determine if a given module x needs to be isolated. In the equation, Excomprises error counter76 for the given module, F comprises a user-specified factor, and AvgErrs(n−x) comprises an average of the error counters for all the remaining (i.e., excluding the given module)modules 36 in the clustered storage controller.
Ex>=F*AvgErrs(n−x) (1)
in order to determine if a given module x needs to be isolated. In the equation, Excomprises error counter76 for the given module, F comprises a user-specified factor, and AvgErrs(n−x) comprises an average of the error counters for all the remaining (i.e., excluding the given module)
In some embodiments, clusteredstorage controller 34 can deactivate a givenmodule 36 upon calculating the logical equation presented supra as “true”. For example, if factor F is five, then clusteredstorage controller 34 will isolate a givenmodule 36 if the number of error detected for the given module is greater than or equal to five times the average of the detected errors in the remaining modules.
In alternative embodiments, clusteredstorage controller 34 can isolate a given module36 (or a given component in the module) if a divergence of error count76 of the given module (or component) is above a specified threshold (e.g., if a givenerror count 76 is greater than a specified factor times an average of the error counts, or if the given error count is the factor times sigma from the average of the error counts). In additional embodiments, if an average (or a sum of the) number of error counts76 across all the modules is above a specified threshold, then clusteredstorage controller 34 can deactivate itself by taking the clustered storage controller offline.
Returning to step108, if clusteredstorage controller 34 or a givenhost computer 22 do not generate an analysis request, then the method continues withstep 94. Returning to step104, if clusteredstorage controller 34 does not generate a data object redistribution request, then the method continues withstep 108. Returning to step96, if the given processor does not detect an error in the given data object, then the method continues withstep 104
While embodiments described hereinabove comprise one or more processors52 (i.e., one ormore modules 36 in the clustered storage controller) other configurations for analyzing errors and isolating a givenmodule 36 are considered to be within the spirit and scope of the present invention. In one alternative embodiment, a givenhost computer 22 can be programmed to perform the analysis and isolation. In another alternative embodiment error counts76 can be presented to a system administrator on a display (not shown) coupled to either a givenmodule 36 or a givenhost computer 22, and the isolation can be performed in response to an input (e.g., via a keyboard) from the system administrator.
It will be appreciated that the embodiments described above are cited by way of example, and that the present invention is not limited to what has been particularly shown and described hereinabove. Rather, the scope of the present invention includes both combinations and subcombinations of the various features described hereinabove, as well as variations and modifications thereof which would occur to persons skilled in the art upon reading the foregoing description and which are not disclosed in the prior art.
Claims (20)
1. A method for faulty component isolation, by a processor, comprising:
configuring, at a first time, a storage system comprising multiple modules to store and process storage requests for respective sets of data objects;
identifying, while processing the storage requests, respective subsets of the data objects having one or more data errors;
identifying, at a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error;
computing, based on the identified modules, a frequency distribution of the one or more data errors in the data objects over the multiple modules;
identifying, based on the frequency distribution, a failure in a given module; and
removing the given module having the identified failure from the storage system such that faulty data associated with the given module having the identified failure is not redistributed across remaining modules of the multiple modules of the storage system.
2. The method according toclaim 1 , and comprising, prior to the second time, moving a given data object from a first given module to a second given module, and reconfiguring the second given module to process storage requests for the given data object.
3. The method according toclaim 1 , wherein each of the multiple modules is associated with an error counter, and wherein determining the failure comprises identifying that a respective error counter for the one of the modules exceeds a specified threshold.
4. The method according toclaim 3 , wherein determining the failure comprises determining that a sum of the error counters of each of the multiple modules exceeds a specified threshold.
5. The method according toclaim 1 , wherein determining the failure in the given module is in response to comparing a number of detected errors in the given module to an average of respective numbers of detected errors in the remaining modules of the multiple modules.
6. The method according toclaim 1 , and comprising deactivating the storage system upon determining, based on a generated analysis request, a failure in the storage system.
7. The method according toclaim 1 , wherein each of the modules comprises multiple components, wherein identifying the failure in the given module comprises identifying the failure in a given component in the given module, and wherein removing the given module having the identified failure from the storage system comprises removing the given component from the storage system.
8. A storage system, comprising:
a processor executing instructions stored in a memory device, the processor in communication with multiple modules configured at a first time to store and process storage requests for respective sets of data objects, wherein, the instructions, when executed, cause the processor to configure each of the multiple modules:
to identify, while processing the storage requests, respective subsets of the data objects having one or more data errors,
to identify, at a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error,
to compute, based on the identified modules, a frequency distribution of the one or more data errors in the data objects over the multiple modules,
to identify, based on the frequency distribution, a failure in a given module, and
to remove the given module having the identified failure from the storage system such that faulty data associated with the given module having the identified failure is not redistributed across remaining modules of the multiple modules of the storage system.
9. The storage system according toclaim 8 , wherein the instructions, when executed, cause the processor to configure each of the multiple modules to move a given data object from a first given module to a second given module, and to reconfigure the second given module to process storage requests for the given data object.
10. The storage system according toclaim 8 , wherein each of the multiple modules is associated with an error counter, and wherein a given module is configured to determine the failure by identifying that a respective error counter for the identified module exceeds a specified threshold.
11. The storage system according toclaim 10 , wherein the instructions, when executed, cause the processor to configure each of the multiple modules to determine the failure by determining that a sum of the error counters of each of the multiple modules exceeds a specified threshold.
12. The storage system according toclaim 8 , wherein the instructions, when executed, cause the processor to configure each of the multiple modules to determine the failure in the given module in response to comparing a number of detected errors in the given module to an average of respective numbers of detected errors in the remaining modules of the multiple modules.
13. The storage system according toclaim 8 , wherein the instructions, when executed, cause the processor to configure each of the multiple modules to deactivate the storage system upon determining, based on a generated analysis request, a failure in the storage system.
14. The storage system according toclaim 8 , wherein each of the modules comprises multiple components, wherein a given module is configured to identify the failure in the given module by identifying the failure in a given component in the given module, and wherein the given module is configured to remove the given module having the identified failure from the storage system by removing the given component from the storage system.
15. A computer program product for faulty component isolation, by a processor, the computer program product comprising:
a non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code comprising:
computer readable program code configured to arrange, at a first time, a storage system comprising multiple modules to store and process storage requests for respective sets of data objects;
computer readable program code configured to identify, while processing the storage requests, respective subsets of the data objects having one or more data errors;
computer readable program code configured to identify, at a second time subsequent to the first time, respective modules storing each of the data objects having at least one data error;
computer readable program code configured to compute, based on the identified modules, a frequency distribution of the one or more data errors in the data objects over the multiple modules;
computer readable program code configured to identify, based on the frequency distribution, a failure in a given module; and
computer readable program code configured to remove the given module having the identified failure from the storage system such that faulty data associated with the given module having the identified failure is not redistributed across remaining modules of the multiple modules of the storage system.
16. The computer program product according toclaim 15 , and comprising computer readable program code configured, prior to the second time, to move a given data object from a first given module to a second given module, and to reconfigure the second given module to process storage requests for the given data object.
17. The computer program product according toclaim 15 , wherein each of the multiple modules is associated with an error counter, and wherein the computer readable program code is configured to determine the failure by identifying that a respective error counter for the one of the modules exceeds a specified threshold.
18. The computer program product according toclaim 17 , wherein the computer readable program code is configured to determine the failure by determining that a sum of the error counters of each of the multiple modules exceeds a specified threshold.
19. The computer program product according toclaim 15 , and comprising computer readable program code configured to deactivate the storage system upon determining, based on a generated analysis request, a failure in the storage system.
20. The computer program product according toclaim 15 , wherein each of the modules comprises multiple components, wherein the computer readable program code is configured to identify the failure in the given module by identifying the failure in a given component in the given module, and wherein the computer readable program code is configured to remove the given module having the identified failure from the storage system by removing the given component from the storage system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US15/083,528US10061638B2 (en) | 2016-03-29 | 2016-03-29 | Isolating faulty components in a clustered storage system with random redistribution of errors in data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US15/083,528US10061638B2 (en) | 2016-03-29 | 2016-03-29 | Isolating faulty components in a clustered storage system with random redistribution of errors in data |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| US20170286206A1 US20170286206A1 (en) | 2017-10-05 |
| US10061638B2true US10061638B2 (en) | 2018-08-28 |
Family
ID=59958812
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US15/083,528Active2036-08-10US10061638B2 (en) | 2016-03-29 | 2016-03-29 | Isolating faulty components in a clustered storage system with random redistribution of errors in data |
Country Status (1)
| Country | Link |
|---|---|
| US (1) | US10061638B2 (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10289466B2 (en)* | 2017-02-01 | 2019-05-14 | International Business Machines Corporation | Error data collection improvements in storage network components |
| US10860483B2 (en)* | 2019-04-30 | 2020-12-08 | EMC IP Holding Company LLC | Handling metadata corruption to avoid data unavailability |
Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4053751A (en)* | 1976-04-28 | 1977-10-11 | Bell Telephone Laboratories, Incorporated | Adaptable exerciser for a memory system |
| US5251227A (en)* | 1989-08-01 | 1993-10-05 | Digital Equipment Corporation | Targeted resets in a data processor including a trace memory to store transactions |
| US6158025A (en)* | 1997-07-28 | 2000-12-05 | Intergraph Corporation | Apparatus and method for memory error detection |
| US20030088816A1 (en) | 2001-11-08 | 2003-05-08 | Kun-Ho Wu | Method and system for detecting and isolating faulted part of a memory device |
| US20060112219A1 (en) | 2004-11-19 | 2006-05-25 | Gaurav Chawla | Functional partitioning method for providing modular data storage systems |
| US7346811B1 (en) | 2004-08-13 | 2008-03-18 | Novell, Inc. | System and method for detecting and isolating faults in a computer collaboration environment |
| US20090125671A1 (en)* | 2006-12-06 | 2009-05-14 | David Flynn | Apparatus, system, and method for storage space recovery after reaching a read count limit |
| US7702966B2 (en) | 2005-09-07 | 2010-04-20 | Intel Corporation | Method and apparatus for managing software errors in a computer system |
| US20100157766A1 (en)* | 2008-12-22 | 2010-06-24 | Gregg Jody L | Predicting cartridge failure from cartridge memory data |
| US20100262795A1 (en)* | 2009-04-08 | 2010-10-14 | Steven Robert Hetzler | System, method, and computer program product for analyzing monitor data information from a plurality of memory devices having finite endurance and/or retention |
| US20120137167A1 (en)* | 2010-11-30 | 2012-05-31 | Microsoft Corporation | Systematic mitigation of memory errors |
| US20120151276A1 (en)* | 2010-12-13 | 2012-06-14 | Microsoft Corporation | Early Detection of Failing Computers |
| US20140245106A1 (en)* | 2013-02-22 | 2014-08-28 | Intel Mobile Communications GmbH | Memeroy circuits, method for accessing a memory and method for repairing a memory |
| US9026869B1 (en) | 2012-11-01 | 2015-05-05 | Amazon Technologies, Inc. | Importance-based data storage verification |
| EP2884392A1 (en) | 2013-12-13 | 2015-06-17 | Thales | Triple software redundancy fault tolerant framework architecture |
| US20170123879A1 (en)* | 2015-11-03 | 2017-05-04 | Silicon Graphics International Corp. | Storage error type determination |
- 2016
- 2016-03-29USUS15/083,528patent/US10061638B2/enactiveActive
Patent Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4053751A (en)* | 1976-04-28 | 1977-10-11 | Bell Telephone Laboratories, Incorporated | Adaptable exerciser for a memory system |
| US5251227A (en)* | 1989-08-01 | 1993-10-05 | Digital Equipment Corporation | Targeted resets in a data processor including a trace memory to store transactions |
| US6158025A (en)* | 1997-07-28 | 2000-12-05 | Intergraph Corporation | Apparatus and method for memory error detection |
| US20030088816A1 (en) | 2001-11-08 | 2003-05-08 | Kun-Ho Wu | Method and system for detecting and isolating faulted part of a memory device |
| US7346811B1 (en) | 2004-08-13 | 2008-03-18 | Novell, Inc. | System and method for detecting and isolating faults in a computer collaboration environment |
| US20060112219A1 (en) | 2004-11-19 | 2006-05-25 | Gaurav Chawla | Functional partitioning method for providing modular data storage systems |
| US7702966B2 (en) | 2005-09-07 | 2010-04-20 | Intel Corporation | Method and apparatus for managing software errors in a computer system |
| US20090125671A1 (en)* | 2006-12-06 | 2009-05-14 | David Flynn | Apparatus, system, and method for storage space recovery after reaching a read count limit |
| US20100157766A1 (en)* | 2008-12-22 | 2010-06-24 | Gregg Jody L | Predicting cartridge failure from cartridge memory data |
| US20100262795A1 (en)* | 2009-04-08 | 2010-10-14 | Steven Robert Hetzler | System, method, and computer program product for analyzing monitor data information from a plurality of memory devices having finite endurance and/or retention |
| US20120137167A1 (en)* | 2010-11-30 | 2012-05-31 | Microsoft Corporation | Systematic mitigation of memory errors |
| US20120151276A1 (en)* | 2010-12-13 | 2012-06-14 | Microsoft Corporation | Early Detection of Failing Computers |
| US9026869B1 (en) | 2012-11-01 | 2015-05-05 | Amazon Technologies, Inc. | Importance-based data storage verification |
| US20140245106A1 (en)* | 2013-02-22 | 2014-08-28 | Intel Mobile Communications GmbH | Memeroy circuits, method for accessing a memory and method for repairing a memory |
| EP2884392A1 (en) | 2013-12-13 | 2015-06-17 | Thales | Triple software redundancy fault tolerant framework architecture |
| US20170123879A1 (en)* | 2015-11-03 | 2017-05-04 | Silicon Graphics International Corp. | Storage error type determination |
Non-Patent Citations (1)
| Title |
|---|
| Novark et al., "Exterminator: Automatically Correcting Memory Errors with High Probability," ACM, Jun. 11-13, 2007 (11 pages). |
Also Published As
| Publication number | Publication date |
|---|---|
| US20170286206A1 (en) | 2017-10-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9798474B2 (en) | Software-defined storage system monitoring tool | |
| US9274708B2 (en) | Thick and thin data volume management | |
| US20220107740A1 (en) | Reconfigurable storage system | |
| US8839026B2 (en) | Automatic disk power-cycle | |
| US8214551B2 (en) | Using a storage controller to determine the cause of degraded I/O performance | |
| US10169100B2 (en) | Software-defined storage cluster unified frontend | |
| US9298398B2 (en) | Fine-grained control of data placement | |
| US10133509B2 (en) | Consistency group abstraction | |
| US10581668B2 (en) | Identifying performance-degrading hardware components in computer storage systems | |
| US10289502B2 (en) | User-defined failure domains for software-defined storage systems | |
| US11137927B2 (en) | Storage mirroring decision by capability sets | |
| US10061638B2 (en) | Isolating faulty components in a clustered storage system with random redistribution of errors in data | |
| US10834192B2 (en) | Storage capacity forecasting by capability sets | |
| US9779003B2 (en) | Safely mapping and unmapping host SCSI volumes | |
| US10331371B2 (en) | Determining maximum volume size | |
| US10698618B1 (en) | User-defined failure domains for software-defined storage systems | |
| US9594575B2 (en) | Selecting output destinations for kernel messages | |
| US9524123B2 (en) | Unit attention processing in proxy and owner storage systems | |
| US20150199221A1 (en) | Storage resource pack management | |
| US10031823B2 (en) | Dangerous system command detection |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AS | Assignment | Owner name:INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:FISCHER-TOUBOL, JONATHAN;GAZIT, RONEN;HALUMI, AFIEF;AND OTHERS;SIGNING DATES FROM 20160320 TO 20160329;REEL/FRAME:038122/0420 | |
| STCF | Information on status: patent grant | Free format text:PATENTED CASE | |
| FEPP | Fee payment procedure | Free format text:MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY | |
| FEPP | Fee payment procedure | Free format text:SURCHARGE FOR LATE PAYMENT, LARGE ENTITY (ORIGINAL EVENT CODE: M1554); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY | |
| MAFP | Maintenance fee payment | Free format text:PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment:4 |